Queries on scanning via Load Balancer

I have a few clarifications on scanning via an LB. I have read a few other threads in this community which say that scanning through an LB is not recommended and suggest placing the scanner in the same network or deploying a cloud agent.

If the target host sitting behind the LB has some 20 ports open and the LB forwards only HTTPS traffic on port 443 alone to the target host, will the remaining 19 ports on the target host still be accessible via the LB for an external user? Can someone coming in from the internet connect to the target host on the 19 ports which are not open on the LB (or whose traffic the LB doesn't forward)?

If we are assessing security vulnerabilities from an external attacker's view, will scanning via the LB not suffice? Since other ports are not open on the LB, any such requests to ports other than 443 will be dropped by the LB.

If there is a missing patch for a vulnerability and that vulnerability affects only the RDP service (port 3389), and considering the fact that the LB will forward only HTTPS (port 443) traffic to the target host and not any other port's traffic, do we still need to worry about that? (Let's exclude insider attack for this discussion.)

- The LB sits after the FW, so it depends on how many ports are exposed to the internet. Also remember that the LB balances the traffic (IP:port), not the host.

- From the external angle, scan without any whitelisting to know what the hacker can see. Also think about a bypass scenario.

- Unless Qualys scans the port running the RDP service, we won't even report that vuln, so from an external angle your risk is mitigated at the FW itself, which does not allow anything other than 443 to an LB in your DMZ.
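The exposure reasoning in the answer above, as an added example that is not part of the thread or of any Qualys tooling: a small Python model of which host-side findings an internet client can actually reach once the firewall only admits 443 to the LB and the LB forwards that listener to a backend IP:port. It shows why the RDP finding stays internal-only, why the reachable host port is the backend port (the LB maps IP:port, not the host), and how a direct firewall path to the backend (the bypass scenario) changes the answer. All addresses, ports and findings are constructed.

```python
# Constructed perimeter: ports the FW passes to the LB VIP, and the LB's
# listener -> (backend host, backend port) forwarding table.
FW_ALLOWED_TO_LB = {443}
LB_FORWARDING = {443: ("10.0.1.10", 8443)}   # VIP:443 -> backend 10.0.1.10:8443

# Constructed host inventory as an internal/authenticated scan would see it:
# every open port on the backend, whether or not the LB forwards to it.
HOST_FINDINGS = {
    "10.0.1.10": {
        8443: "TLS 1.0 enabled (constructed)",
        3389: "missing RDP patch (constructed placeholder)",
        22:   "SSH weak ciphers (constructed)",
    },
}


def externally_reachable_ports(host, fw_allowed=FW_ALLOWED_TO_LB,
                               lb=LB_FORWARDING, direct_paths=None):
    """Backend ports on `host` that an internet client can reach.

    A backend port is reachable only if some LB listener forwards to it AND the
    FW admits that listener port to the LB. `direct_paths` models the bypass
    scenario: FW rules that expose the backend host directly, outside the LB.
    """
    reachable = set()
    for vip_port, (backend, backend_port) in lb.items():
        if vip_port in fw_allowed and backend == host:
            reachable.add(backend_port)
    reachable |= (direct_paths or {}).get(host, set())
    return reachable


def classify_findings(host, findings=HOST_FINDINGS, **reach_kwargs):
    """Split a host's findings into externally reachable vs internal-only."""
    reachable = externally_reachable_ports(host, **reach_kwargs)
    external, internal = {}, {}
    for port, finding in findings[host].items():
        (external if port in reachable else internal)[port] = finding
    return external, internal


if __name__ == "__main__":
    ext, internal = classify_findings("10.0.1.10")
    print("external:", ext)       # only the 8443 finding behind VIP:443
    print("internal-only:", internal)
    # Bypass scenario: a stray FW rule allowing 3389 straight to the backend.
    ext, _ = classify_findings("10.0.1.10", direct_paths={"10.0.1.10": {3389}})
    print("external with bypass:", ext)
```

An external scan against the VIP only ever tests what `externally_reachable_ports` returns; the internal-only set is what the in-network scanner or cloud agent exists to report.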